I recently moved my mailserver from an OpenVZ-based Linux vps to a KVM-based one. Other than the OpenVZ vps forgetting it had the tun interface periodically, OpenVPN worked fine there. After moving everything over to the KVM-based vps, I find I have no tun interface, and when I start/restart OpenVPN, I see absolutely no errors in /var/log/syslog, but I'm unable to ping anything on the backup server's network, and there is no tun0 showing in ifconfig. I changed nothing in the OpenVPN server configuration, just moved it and the cert/key from the old OpenVZ server to the new KVM one.. As I use an OpenVPN tunnel to my backup server, its kind of imperative I get this working. I contacted the vps vendor support and they tried to tell me that KVM-based virtualization doesn't support tun/tap interfaces, however Google seems to disagree with them.. I find a lot of links that kind of skirt around getting OpenVPN to work routed on a KVM-based vps, but nothing that points to the fact that I can tail /var/log/syslog, start or restart OpenVPN, see all of the usual stuff (below)
Code: Select all
Jan 9 17:33:25 mail ovpn-mailsrv[7514]: OpenVPN 2.3.2 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Jan 9 17:33:25 mail ovpn-mailsrv[7514]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Jan 9 17:33:25 mail ovpn-mailsrv[7515]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Jan 9 17:33:25 mail ovpn-mailsrv[7515]: UDPv4 link local (bound): [undef]
Jan 9 17:33:25 mail ovpn-mailsrv[7515]: UDPv4 link remote: [AF_INET]XX.XXX.XXX.XX:1194
Generally on OpenVZ-based vps, when the tun interface was unconfigured, I'd see an error that pretty much pointed to that issue and
a quick ticket to the vps support got them to do their magic on the host and all was good again... Apparently KVM is different...
Help, please!!
Thanks
Dave